Posted on 06/22/2007 7:53:18 PM PDT by Rodney King
Attention Linux, Vista, and Apple fan boys: put on your gloves... it's time to rumble! A 6-month vulnerability report issued by Jeff "Security Guy" Jones has caught the eye of Redmond and the ire of places beyond. The report which bases its security assessment upon vulnerabilities found (not actually exploited) claims that Vista is "more secure than OS X and Linux." In fact, the much maligned XP even crushes the competition using their calculations. Of course, it's worth noting that Jeff is a member of Microsoft's Security business unit which will probably sway your opinion as to the integrity of the data. Still, as incomplete as the assessment may be, it certainly appears to be a good showing for Vista considering the vast community of hackers attempting to thwart its security. We can predict what Billy G's probably saying right about now: Dy-no-mite JJ!
We have to use Linux occassionally, but yes as always I would prefer to use a US product to a foreign clone of it. Why should that be surprising? "The best technology" doens't completely trump all my decisions always, no. Not that I would consider Linux the best at anything much other than raw computations. The sleekness of Apple on the desktop and the complete top to bottom "stack" from Sun are better than anything any Linux vendor can provide anyway.
I’m not the only one that feels that way, especially in secure environments. When you realize the world has more needs that your mission to “free all software borders for the world” maybe you’ll understand.
Not at all.
Windows, being so widespread, is a popular target. Why would a spammer waste his time writing code to turn Macs into spam generating zombies when the payback for doing so on Windows is so much higher?
If you had a one of a kind OS it would be very "secure" because no one would be working on hacks for it.
All posts by known troll Golden Eagle have been Blocked, to view posts by this person you must edit the FRTrollBlocker.user.js file.
> No system is completely secure.
True.
> All systems are only as secure as their administrators make them. Most PC owners aren't computer security experts, so must they rely on others to secure their computers for them.
Wrong. OS security has three necessary components:
What you're talking about is NUMBER OF EXPLOITS, not SECURITY. To wit:
> Windows, being so widespread, is a popular target. Why would a spammer waste his time writing code to turn Macs into spam generating zombies when the payback for doing so on Windows is so much higher?
Windows is a popular target because it is an easy, unsecure target.
> If you had a one of a kind OS it would be very "secure" because no one would be working on hacks for it.
Good lord, NO !!
It just wouldn't have anybody interested in hacking into it. Lack of interested hackers does NOT make an OS secure. Security is by DESIGN, CONFIGURATION, and OPERATION.
Let me guess, runs on some foreign O/S you downloaded for free last night LOL. Either that or a hacked copy of something better. Fine by me, you obviously have no answers anyway.
Obscurity does not provide security but it is a form of protection.
>I’m deadly serious, it’s not like I have every suggested
>that Mac’s are for homosexuals or anything.
>Or for the clueless...
Dude, you are fixin’ to get so flamed!
LOL. Apparently the troll can't read either.
A lack of interested hackers DOES IN FACT make your system more secure. Well, I should clarify: It makes your system less vulnerable, which after all is the desired end result.
I could leave the sysadmin password taped to my monitor and that would techniclly be very insecure. However, if that computer is always in a locked room and there's no one to see the password, then the system is not very vulnerable (despite being unsecure). Vulnerability is more important to practical users than anything else.
You’re the one hiding under the bridge LOL.
Also, we need information on the nature of the vulnerabilities. Just about any exploit of Windows gets you admin access and lays bare the entire system. However, many of the exploits into OS/X or Linux take on the form of being able to crash-out program xyz or perform a DOS attack. These, while inconvenient, are not nearly as serious as say, becoming root.
Another axis of contention is the configuration of the systems. Are these vulnerabilities to the basic, out of the box system or one that has been specifically hardened against attack? Out of the box, Windows is basically wide open, while typical Linux distros fare better. Clamped down, Linux is very, very tough to get into.
Overall, this smacks of playing with the numbers until you make them show what you want. Statistics are great, you can use them to support any argument. I can prove it...statistically, 100% of arguments are supported by statistics... ;-)
Yes, but only temporarily, until it is exposed, and exposure is inevitable. With so much financial motivation on the part of today's malicious hackers, obscurity can only work for a relatively short time. And then, if the -real- security isn't there, the facade falls apart and there is less protection than if one had spent some time doing it right in the first place.
(I think we agree on that.)
One of the virtues of open source is that precisely BECAUSE the source is available for scrutiny by friend and foe alike, the software engineers and QA personnel are highly motivated to do it right the first time. That eliminates the alleged justification for attempting Security By Obscurity.
(We might agree on that.)
You're still confused between the characteristic of the system (security or vulnerability), and the environment (hackers or the lack thereof).
Let's say you're female and fertile. Does the fact that you're not having sex this month mean you're infertile? No, it only means you're not going to get pregnant this month. The minute you start screwing, you can get knocked up.
Do you get it?
> Vulnerability is more important to practical users than anything else.
That's only because they confuse "vulnerability" (a characteristic of the system) with "likelihood of being attacked successfully" (a characteristic of the environment).
If you have an insecure, vulnerable OS, but no hackers, you're just like the fertile female with no sexual partner this month. The instant one shows up and starts banging on you, you are likely to get knocked up.
Give up trying to justify insecure operating systems -- there just isn't a justification for doing a shitty job on software, given that there is a 35-year history of how to do it right (Unix, and those who learned from it).
Doubt it.
Not in classic theory, that is a new age philosophy put forth by mathmaticians that mostly study mathematical algorithms. Classic theory would claim secrecy of design is a layer of protection for anything, from complex software to the internal maps of Fort Knox. Not the only required layer of protection of course, but an additional layer nontheless. The theory of having peer review of software is originally not based on security, but rather on advancing development, which it may do on certain scales, but one that doesn't fit the world at large in my opinion.
Sounds like something I would have said.
The Mac elitists will be quick to attack your intellect for speaking truthfully! Mac’s are omnipotent and flawless! How dare you even suggest...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.